---
- name: Swing cluster from one hub to another using Assisted Installer
  hosts: localhost
  vars:
    spoke_cluster_name: mlab-ctigtdc01d
    new_cluster_name: new-cluster-name
    new_cluster_namespace: managed-cluster
    base_domain: redhat.com
    source_hub_url: https://api.source-hub.example.com:6443
    target_hub_url: https://api.target-hub.example.com:6443
    ocp_username: admin
    ocp_password: password
    source_kubeconfig: /tmp/source-hub.kubeconfig
    target_kubeconfig: /tmp/target-hub.kubeconfig
  tasks:
    - name: Login to source hub
      shell: >
        oc login {{ source_hub_url }} -u {{ ocp_username }} -p {{ ocp_password }} --kubeconfig={{ source_kubeconfig }}
      register: source_login_result

    - name: Get kubeconfig secret from source hub
      shell: >
        oc get secret {{ spoke_cluster_name }}-admin-kubeconfig -n {{ spoke_cluster_name }} -o json --kubeconfig={{ source_kubeconfig }}
      register: kubeconfig_secret
      when: source_login_result.rc == 0

    - name: Get kubeadmin password secret from source hub
      shell: >
        oc get secret {{ spoke_cluster_name }}-kubeadmin-password -n {{ spoke_cluster_name }} -o json --kubeconfig={{ source_kubeconfig }}
      register: kubeadmin_secret
      when: source_login_result.rc == 0

    - name: Get AgentClusterInstall from source hub
      shell: >
        oc get agentclusterinstall {{ spoke_cluster_name }} -n {{ spoke_cluster_name }} -o json --kubeconfig={{ source_kubeconfig }}
      register: agentclusterinstall_backup
      when: source_login_result.rc == 0

    - name: Get ClusterDeployment from source hub
      shell: >
        oc get clusterdeployment {{ spoke_cluster_name }} -n {{ spoke_cluster_name }} -o json --kubeconfig={{ source_kubeconfig }}
      register: clusterdeployment_backup
      when: source_login_result.rc == 0

    - name: Parse kubeconfig secret (remove source-specific fields)
      set_fact:
        parsed_kubeconfig_secret: "{{ (kubeconfig_secret.stdout | from_json) | combine({'metadata': {'name': '{{ new_cluster_name }}-admin-kubeconfig', 'namespace': '{{ new_cluster_namespace }}', 'uid': omit, 'creationTimestamp': omit, 'resourceVersion': omit}}) }}"
      when: source_login_result.rc == 0

    - name: Parse kubeadmin password secret (remove source-specific fields)
      set_fact:
        parsed_kubeadmin_secret: "{{ (kubeadmin_secret.stdout | from_json) | combine({'metadata': {'name': '{{ new_cluster_name }}-kubeadmin-password', 'namespace': '{{ new_cluster_namespace }}', 'uid': omit, 'creationTimestamp': omit, 'resourceVersion': omit}}) }}"
      when: source_login_result.rc == 0

    - name: Simplify AgentClusterInstall (remove source-specific fields)
      set_fact:
        simplified_agentclusterinstall: >-
          {{
            {
              "apiVersion": agentclusterinstall_backup.stdout | from_json | json_query('apiVersion'),
              "kind": agentclusterinstall_backup.stdout | from_json | json_query('kind'),
              "metadata": {
                "name": new_cluster_name,
                "namespace": new_cluster_namespace
              },
              "spec": {
                "networking": agentclusterinstall_backup.stdout | from_json | json_query('spec.networking'),
                "clusterDeploymentRef": agentclusterinstall_backup.stdout | from_json | json_query('spec.clusterDeploymentRef'),
                "imageSetRef": agentclusterinstall_backup.stdout | from_json | json_query('spec.imageSetRef'),
                "provisionRequirements": agentclusterinstall_backup.stdout | from_json | json_query('spec.provisionRequirements'),
                "apiVIP": agentclusterinstall_backup.stdout | from_json | json_query('spec.apiVIP'),
                "ingressVIP": agentclusterinstall_backup.stdout | from_json | json_query('spec.ingressVIP'),
                "clusterMetadata": agentclusterinstall_backup.stdout | from_json | json_query('spec.clusterMetadata')
              }
            }
          }}

    - name: Simplify ClusterDeployment (remove source-specific fields)
      set_fact:
        simplified_clusterdeployment: >-
          {{
            {
              "apiVersion": "hive.openshift.io/v1",
              "kind": "ClusterDeployment",
              "metadata": {
                "name": new_cluster_name,
                "namespace": new_cluster_namespace
              },
              "spec": {
                "baseDomain": base_domain,
                "installed": true,
                "clusterMetadata": {
                  "adminKubeconfigSecretRef": {
                    "name": new_cluster_name + "-admin-kubeconfig"
                  },
                  "clusterID": "<>",
                  "infraID": "<>"
                },
                "clusterInstallRef": {
                  "group": "extensions.hive.openshift.io",
                  "kind": "AgentClusterInstall",
                  "name": new_cluster_name + "-install",
                  "version": "v1beta1"
                },
                "clusterName": new_cluster_name,
                "platform": {
                  "agentBareMetal": {}
                },
                "pullSecretRef": {
                  "name": "pull-secret"
                }
              }
            }
          }}

    - name: Preserve the cluster on delete
      shell: >
        oc patch clusterdeployment {{ spoke_cluster_name }} -n {{ spoke_cluster_name }} --type=merge -p '{"spec":{"preserveOnDelete":true}}' --kubeconfig={{ source_kubeconfig }}
      register: patch_result
      when: source_login_result.rc == 0

    - name: Delete ManagedCluster from source hub
      shell: >
        oc delete managedcluster {{ spoke_cluster_name }} --kubeconfig={{ source_kubeconfig }}
      register: delete_managedcluster_result
      when: source_login_result.rc == 0

    - name: Delete ClusterDeployment from source hub
      shell: >
        oc delete clusterdeployment {{ spoke_cluster_name }} -n {{ spoke_cluster_name }} --kubeconfig={{ source_kubeconfig }}
      register: delete_clusterdeployment_result
      when: source_login_result.rc == 0

    - name: Login to target hub
      shell: >
        oc login {{ target_hub_url }} -u {{ ocp_username }} -p {{ ocp_password }} --kubeconfig={{ target_kubeconfig }}
      register: target_login_result

    - name: Apply kubeconfig secret to target hub
      shell: >
        echo '{{ parsed_kubeconfig_secret | to_json }}' | oc apply -f - --kubeconfig={{ target_kubeconfig }}
      when: target_login_result.rc == 0

    - name: Apply kubeadmin password secret to target hub
      shell: >
        echo '{{ parsed_kubeadmin_secret | to_json }}' | oc apply -f - --kubeconfig={{ target_kubeconfig }}
      when: target_login_result.rc == 0

    - name: Print simplified AgentClusterInstall for verification
      debug:
        var: simplified_agentclusterinstall

    - name: Apply simplified AgentClusterInstall to target hub
      shell: >
        echo '{{ simplified_agentclusterinstall | to_json }}' | oc apply -f - --kubeconfig={{ target_kubeconfig }}
      when: target_login_result.rc == 0

    - name: Print simplified ClusterDeployment for verification
      debug:
        var: simplified_clusterdeployment

    - name: Apply simplified ClusterDeployment to target hub
      shell: >
        echo '{{ simplified_clusterdeployment | to_json }}' | oc apply -f - --kubeconfig={{ target_kubeconfig }}
      when: target_login_result.rc == 0

    - name: Wait for ClusterDeployment to complete
      shell: >
        oc wait --for=condition=Ready clusterdeployment/{{ new_cluster_name }} -n {{ new_cluster_namespace }} --timeout=10m --kubeconfig={{ target_kubeconfig }}
      register: clusterdeployment_wait_result
      when: target_login_result.rc == 0
